Blog

7 Layers of Data Security: Perimeter

By Christina Southern on Jun 21, 2016 7:21:16 AM

Note: Today is week 3 of a 9-week blog series in which we are peeling back the 7 Layers of Data Security. By taking this journey, you are making long strides toward building a culture of security that will endure for years, weather future challenges, and meet every compliance and regulatory requirement you face.  Catch up on the series here.

Layer 1: Perimeter Security

 

Perimeter Security Graphic

The Perimeter of your network is the demarcation between you and third parties such as vendors, partners, and the Internet.

 

Your perimeter is the point to which you have control of your network, technology, and data. It is the outer edge of what you can control and have a responsibility to safeguard. As such, it is also the first point of contact for many external threats to your network.

The History of the Fuzzy Perimeter

Fuzzy Perimeter SecurityIt used to be easy to define a network's perimeter. The computer/mainframe was locked in a dedicated room, and the only source of inputs and outputs were handled manually. The perimeter of the network was very clear.

Then came the keyboard, monitor, and desktop computer, which extended to the network to those devices. The perimeter grew, but it was still simple to control access to the network.

Then, the Internet linked personal computers to essentially every other personal computer. A company’s network was connected to an infinite number of other networks, expanding the company’s perimeter far and wide.

One in three companies do not have a written information security policy.

With the rise of mobile phones, tablets and smart devices, the perimeters of most networks have become dangerously fuzzy. Each device represents a path inside your company’s most sacred areas. As you can imagine, perimeter security in the mobile era is difficult to maintain.

Difficult, but not impossible.

How to Protect your Perimeter

There are multiple ways to clarify and secure your network perimeter. But since every network is different, the exact strategies for protecting it is beyond the scope of this article. However, at the risk of oversimplifying, the process and tools outlined below will give you an understanding of what safeguarding your network edge will look like.

The Four-Step Process for Protecting Your Perimeter

  1. Identify the perimeter – document all devices that have access to your network
  2. Learn what data flows through the perimeter
  3. Secure the devices that form the perimeter
  4. Guard the data that flows through the perimeter

There are many technologies available to you to help secure your network perimeter:

  • Firewalls
  • Anti-virus / Anti-malware on those firewalls
  • Intrusion Detection software
  • Intrusion Prevention Software
  • Data Loss Prevention: Ensuring certain data doesn't leave your network
  • Secure De-Militarized Zone (DMZ) - A more secure network configuration

Layer 2: Network Security

After securing the edge of your network, we must understand how to protect the network itself. Next week, we’ll look at the second layer, the concept of Network Security. Catch up on the rest of the series here.

Security Assessment

Now is the time to consider the next step toward building a culture of security within your organization. Request a Security Assessment from TekLinks' team of experts.

Sign up to receive weekly updates on the 7 Layers of Data Protection blog series.


WHO IS TEKLINKS? A national leader in cloud computing, managed services, engineering services, and value-added resale. We’re a team of expert techies and business professionals who are passionate about building valuable relationships and getting things done right. Simply put: We make IT work for business.

Topics: Business Tech, Security


WHO IS TEKLINKS? A national leader in cloud computing, managed services, engineering services, and value-added resale. We’re a team of expert techies and business professionals who are passionate about building valuable relationships and getting things done right. Simply put: We make IT work for business.